Seoul, Mar 14
Four months after a cyberattack shook the British Library in October 2023, the institution is still struggling to make its website fully functional. A notification on the site says that certain services will be restored over the coming months “though problems in various other services will persist for longer”. Infrastructure to store recovered data is not expected to be operational before mid-April this year.
“We’re continuing to experience a major technology outage as a result of a cyber-attack. The outage is still affecting our website, online systems and services, as well as some onsite services, however our buildings are still open as usual,” the notification on the site reads. The British Library has also advised all its users to update their information to protect themselves better.
The ransomware group Rhysida which took responsibility for the attack released user information on the dark web for auction in November last year after the British Library denied ransom under the United Kingdom’s national policy.
The Rhysida group, according to a paper released by the British Library, exfiltrated data, encrypted or destroyed substantial portions of the library’s server estate, while also forcibly locking out all users from the network. The cyberattack compromised the majority of the library’s online systems.
Around 600GB of files, or half a million individual documents, have been reported by the British Library to have been removed from its network. The detailed analysis of this data is expected to be concluded by the end of this month.
The report further states that the group gained access to the library’s server three days prior to the incident, coming to the notice of the library officials, most likely for “hostile reconnaissance” of the servers.
The British Library has said that major software, including the main library service/management platform, cannot be brought back to its pre-attack form since some are no longer supported by their vendors, and others will not be functional on the new secure infrastructure that is being rolled out.
Currently, the library is struggling with the infrastructure where the data can be stored once it has been recovered from the cyberattackers. The infrastructure in question is in the process of being rebuilt and renewed, though work, which was confirmed in December, is not expected to be completed before mid-April 2024.
In December, the library, however, identified viable sources of backup that were unaffected by the attack. The process of calculating the finances of restoring the library’s network to full capacity is undergoing investigation and is also yet to be determined.
